It's funny, because just yesterday I was reading about this: https://www.lansweeper.com/find-a-partner/8194/ - a solution which has been designed specifically for NHS organisations.
​
TBH £1/asset is good value. I tried PDQ but felt less flexible when it came to filtering quickly.
>>>>>I realise that I could create a topology to publish a scanning server of our own to the internet, but for various reasons (that I'll not go into here) that is less than desirable.>>>>>>
This is THE shortest distance between two points, and works perfectly.
I wonder if you couldn't spin up another instance of Lansweeper in the cloud and use a persistent VPN connection to aggregate your data?
https://www.lansweeper.com/knowledgebase/setting-up-an-installation-with-multiple-scanning-servers/
Pretty much what SPedraza93 has said. My issues were Windows Firewall related. They also have a connection tool you can run against an endpoint to troubleshoot. https://www.lansweeper.com/knowledgebase/how-to-troubleshoot-devices-with-the-device-tester/
Might want to take a look at tailoring what objects lansweeper is scanning on (Lansweeper Scanning
Also, maybe turn off/change scanning event viewer items, as I’ve seen that cause spikes in cpu/memory consumption. Though in my experience, it’s normally always the scanning server that takes the pain of it over the actual devices being scanned.
If you want to get a little deeper into configurations for security check out:
https://www.lansweeper.com/knowledgebase/marking-users-as-authorized-administrators/
​
This can help if you restrict local admins at all.
If you only use Carbon Black you can set the configuration for AV in Lansweeper. Then the canned "AV" report should report correctly.
https://www.lansweeper.com/knowledgebase/managing-anti-virus-software-reports/
Otherwise I would look on the forums for reports for a "software report" that looks for a specific software, then use that report to get what you need. Lansweepers community has a ton of reports you can easily adapt.
​
This is one I use to look for systems missing our "AV"
​
Select Top 1000000 tsysOS.Image As icon,
tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
tblAssets.IPAddress,
tblAssets.Firstseen,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblAssets.AssetID Not In (Select Top 1000000 tblSoftware.AssetID
From tblSoftware Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblSoftware.softID
Where tblSoftwareUni.softwareName Like '%ANTI-VIRUS PRODUCT NAME HERE%') And
tblAssetCustom.State = 1
Order By tblAssets.Domain,
tblAssets.AssetName
I'll do my best to describe the Patch Tuesday report and how it works.
Basically, I provide a list of cumulative and security updates that are released in a month to the report. Based on that list, it checks whether those specific patches are listed on each machine.
You can find the list of patches at the bottom of the query:
Left Join (Select Top 1000000 tblQuickFixEngineering.AssetID From tblQuickFixEngineering Inner Join tblQuickFixEngineeringUni On tblQuickFixEngineeringUni.QFEID = tblQuickFixEngineering.QFEID Where tblQuickFixEngineeringUni.HotFixID In ('KB4601360','KB4601366','KB4601347','KB4601363', 'KB4601348','KB4601357','KB4601384','KB4601349','KB4601331','KB4601318','KB4601354', 'KB4601345','KB4601315','KB4601319')) As SubQuery1 On tblAssets.AssetID = SubQuery1.AssetID
I did at some point create an example of how to create this report for the last 3 months: https://www.lansweeper.com/forum/yaf_postst17094_Patch-Tuesday-report--last-3-months.aspx#post57400
Hope that helps.
P.S. The last two months the report have been different since I was trying a new method, but we will be switching back this month to the old trusted version.
These are the ports used by LanSweeper.
I'm not sure how your routers are configured. But basically start trying to ping an asset that you can't reach and trouble shoot from there. Open up ICMPv4, do trace routes to make sure your routing path is correct. Once you can ping the device from the same network as LanSweeper you should be all set to then open up the ports you'll need from the page I linked to above.
Without seeing how your routers are configured we can't give much specific advice.
I have not regarding this topic because I've seen someone else trying to get an answer on a similar topic: https://www.lansweeper.com/forum/yaf_postst14106_Monthly-Helpdesk-Reports.aspx#post48921. He got no reply since 2017, so I thought reddit would be the better option.
We recently did a customer advisory webinar which talks a bit more about future features: https://www.lansweeper.com/resources/customer-advisory-meetups/
Features are based on what customers ask us, so feel free to share what you would like to see. We also send out surveys every so often for this purpose.
The changelog can be found here: https://www.lansweeper.com/changelog/
It lists all changes and has prefixes based on whether something has been added, changed or has been fixed. If you have further feedback to improve it. Feel free to share it and we'll take a look at it.
If there was a newer Windows update out at the time of publishing than used in the report, it might have been a mistake on our part indeed. Since it has been a while, I haven't gone back into the archives to check.
For some of the reports (like this one), you will need to take context into consideration. Running a report regarding a specific vulnerability will most often be based on the information available (and updates available) at the time of publishing.
For SWAPGS specifically, since it was fixed with a Windows update (which are cumulative), you can also just run our latest Patch Tuesday report instead.
You can either only use scanning targets which only contain the servers you want to scan (like a specific IP Range) or you can use exclusions to exclude assets: https://www.lansweeper.com/knowledgebase/excluding-assets-from-scanning/
Thanks fo the reply, I will look into it more. I also just noticed that Lansweeper is creating an Enterprise version that is cloud based and ingests the data from your on-prem install so you can access it from anywhere. They are also working on a completely new user interface. You can request access here. Https://www.lansweeper.com/enterprise-early-access/
I wonder when it will be available?
Glad to hear you are enjoying it! If you want to do monitoring of the status of a device you can do it with a workaround.
Using a custom report, you can create a report which only displays assets that failed a scan in the past 5 minutes. If you setup a scanning target for your critical assets that scans every 5 minutes and create an alert from the report. You would pretty much have a up/down notification.
If you plan on doing this with a lot of assets, I would recommend reading up on the scanned item interval feature and use that too to reduce the impact on your network.
If you're interested, you can sign up for the beta mailing list and get your hands on it early to try it out and give feedback.
You can sign up at the bottom of this page: https://www.lansweeper.com/beta/